GitBit
BlogFirst lesson
Sign Up

Question 7 of 9

Previous QuestionNext Question

You have a Microsoft Sentinel workspace. The workspace has two connectors configured. One for Azure AD and another one for Microsoft Office 365.

A new admin has been hired and needs to perform the following tasks.

  • Manage incidents
  • Create and run playbooks

Which two roles should you assign to the new user?

The Contributor can perform everything the owner can except they can't assign roles.

The Logic App contributor role allows you to manage logic apps including playbooks and incidents.

The Microsoft Sentinel Reader cannot manage incidents. The role can only be used to read/view.

The Microsoft Sentinel Automation Contributor can add playbooks to automation rules. It isn't designed to be assigned to a user.

The Managed Application Operator Role allows you to read and manage actions on managed application resources.

https://www.gitbit.org/course/ms-500/learn/Collect-detect-investigate-and-respond-to-security-threats-using-Microsoft-Sentinel-LEyZMWBSt

https://docs.microsoft.com/en-us/azure/sentinel/roles

Did you like the site?